Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/290CB2C2C8B611ED9A1D817EC4F9AE02.roa
File: 290CB2C2C8B611ED9A1D817EC4F9AE02.roa (raw, json)
Hash identifier: nfgKb/+Rc3nXdv7QmJMgi1bB6SroEhRcV7K8KSJdcNk=
Subject key identifier: 8A:32:90:E0:9C:B1:1E:9B:E3:D5:B3:77:3F:7A:C7:A7:78:8D:E4:8F
Certificate issuer: /CN=A9148BFA/serialNumber=157B0BDE0E3CADB294839BC9815655644DB26E91
Certificate serial: 0367
Authority key identifier: 15:7B:0B:DE:0E:3C:AD:B2:94:83:9B:C9:81:56:55:64:4D:B2:6E:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FXsL3g48rbKUg5vJgVZVZE2ybpE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/290CB2C2C8B611ED9A1D817EC4F9AE02.roa
Signing time: Wed 22 Mar 2023 13:33:42 +0000
ROA not before: Wed 22 Mar 2023 13:33:42 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 206264
IP address blocks: 103.46.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 871 (0x367)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148BFA/serialNumber=157B0BDE0E3CADB294839BC9815655644DB26E91
Validity
Not Before: Mar 22 13:33:42 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=641b03b5-4e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:79:67:84:c9:6b:e1:c8:20:92:a2:eb:07:1e:
43:5f:07:47:4f:21:8e:42:9e:77:b7:5f:96:0a:01:
65:20:5c:c2:85:fd:c5:9c:72:05:8a:79:f4:34:a0:
29:ec:42:d6:85:7f:9f:67:8f:c9:79:28:39:08:9b:
7e:47:f6:83:df:61:a2:e1:56:55:29:23:90:2c:70:
93:b6:1e:86:b6:2c:2b:cc:48:f3:ec:e3:ff:fb:94:
d0:cd:c3:3c:06:96:25:48:f6:e4:d7:21:b8:e1:9b:
e0:f3:76:74:2e:27:1f:d4:3a:26:fc:ee:8e:0c:e9:
0b:5b:64:23:36:ec:c9:92:02:a5:0e:5b:10:d5:fc:
c1:5a:7a:8c:fe:de:29:ff:48:81:2c:14:73:58:d3:
38:c7:92:3c:2d:49:93:b2:4a:e5:89:59:01:0e:2b:
3f:82:fa:8a:f0:97:05:80:58:b7:09:b1:15:76:3f:
c0:68:61:8b:f3:76:09:0a:15:a3:cb:4c:b2:76:08:
99:83:b3:6a:a9:f7:9d:f8:f1:4f:c5:5b:ef:46:9a:
9e:9b:fc:4e:dd:f2:92:b6:e6:92:78:d0:ca:73:41:
44:88:9c:46:d9:9d:93:79:0a:97:b6:b4:b3:e0:cd:
26:a4:b7:a5:0f:3c:af:fa:05:d0:20:2a:a8:cf:ff:
cf:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:32:90:E0:9C:B1:1E:9B:E3:D5:B3:77:3F:7A:C7:A7:78:8D:E4:8F
X509v3 Authority Key Identifier:
keyid:15:7B:0B:DE:0E:3C:AD:B2:94:83:9B:C9:81:56:55:64:4D:B2:6E:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/FXsL3g48rbKUg5vJgVZVZE2ybpE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FXsL3g48rbKUg5vJgVZVZE2ybpE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/290CB2C2C8B611ED9A1D817EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.46.141.0/24
Signature Algorithm: sha256WithRSAEncryption
53:4a:e7:0d:36:a7:4d:85:57:88:06:e2:57:44:c2:fa:e3:46:
3e:f5:e5:46:f4:ed:5b:fc:cc:7f:66:5f:2a:22:de:f4:5a:e0:
da:da:24:1e:a3:68:ac:e4:b7:7f:d0:90:c5:93:9f:76:34:64:
e1:19:64:9b:42:64:73:39:39:66:41:de:30:9d:ca:0b:95:91:
85:ba:48:ad:94:eb:4c:9c:10:e3:8e:22:82:6b:2a:81:30:af:
55:7a:a5:45:c1:0b:df:ee:d5:02:26:45:f9:9b:cf:67:d6:d7:
40:02:d2:b4:7c:76:3a:31:74:05:0f:e1:c8:02:53:a1:7a:18:
79:8c:f0:1c:d1:5f:23:34:43:77:9f:d2:11:f6:81:8a:1e:26:
03:69:11:f0:c4:89:98:d0:2e:ef:15:24:ff:9f:4f:6b:1c:61:
4a:ed:cc:31:73:0b:21:f8:15:7d:7d:e1:53:dc:8c:64:c8:18:
8d:80:30:5d:71:15:7a:13:cb:2a:f6:e9:49:24:2e:18:a4:2a:
30:7e:79:07:e0:d3:8f:95:9f:f0:f7:8c:10:30:8f:12:df:fb:
7b:92:49:cb:d0:0b:ac:69:74:8a:ec:00:7e:c4:a3:95:bc:d0:
87:32:52:a8:a3:4b:2a:5e:12:ca:e6:d0:39:85:6b:1b:37:f6:
d3:cc:0d:76
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA2cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhCRkExMTAvBgNVBAUTKDE1N0IwQkRFMEUzQ0FEQjI5NDgzOUJDOTgxNTY1NTY0
NERCMjZFOTEwHhcNMjMwMzIyMTMzMzQyWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDFiMDNiNS00ZTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAznlnhMlr4cggkqLrBx5DXwdHTyGOQp53t1+WCgFlIFzChf3FnHIFinn0NKAp
7ELWhX+fZ4/JeSg5CJt+R/aD32Gi4VZVKSOQLHCTth6GtiwrzEjz7OP/+5TQzcM8
BpYlSPbk1yG44Zvg83Z0Licf1Dom/O6ODOkLW2QjNuzJkgKlDlsQ1fzBWnqM/t4p
/0iBLBRzWNM4x5I8LUmTskrliVkBDis/gvqK8JcFgFi3CbEVdj/AaGGL83YJChWj
y0yydgiZg7Nqqfed+PFPxVvvRpqem/xO3fKStuaSeNDKc0FEiJxG2Z2TeQqXtrSz
4M0mpLelDzyv+gXQICqoz//PpwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIoykOCc
sR6b49Wzdz96x6d4jeSPMB8GA1UdIwQYMBaAFBV7C94OPK2ylIObyYFWVWRNsm6R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEJGQS8wNEEyNEMzNDEx
NDMxMUVDOTczNjlGNzNDNEY5QUUwMi9GWHNMM2c0OHJiS1VnNXZKZ1ZaVlpFMnli
cEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZYc0wzZzQ4cmJLVWc1dkpnVlpWWkUyeWJwRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhCRkEvMDRBMjRDMzQxMTQzMTFFQzk3MzY5RjczQzRGOUFFMDIvMjkwQ0IyQzJD
OEI2MTFFRDlBMUQ4MTdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnLo0wDQYJKoZIhvcNAQELBQADggEBAFNK5w02p02FV4gG
4ldEwvrjRj715Ub07Vv8zH9mXyoi3vRa4NraJB6jaKzkt3/QkMWTn3Y0ZOEZZJtC
ZHM5OWZB3jCdyguVkYW6SK2U60ycEOOOIoJrKoEwr1V6pUXBC9/u1QImRfmbz2fW
10AC0rR8djoxdAUP4cgCU6F6GHmM8BzRXyM0Q3ef0hH2gYoeJgNpEfDEiZjQLu8V
JP+fT2scYUrtzDFzCyH4FX194VPcjGTIGI2AMF1xFXoTyyr26UkkLhikKjB+eQfg
04+Vn/D3jBAwjxLf+3uSScvQC6xpdIrsAH7Eo5W80IcyUqijSypeEsrm0DmFaxs3
9tPMDXY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:05 2024 by rpki-client on console-fra.rpki-client.org